about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ops/machines/whitby/default.nix6
-rw-r--r--ops/modules/tvl-buildkite.nix1
2 files changed, 7 insertions, 0 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix
index 7518e671795b..2078d86491f8 100644
--- a/ops/machines/whitby/default.nix
+++ b/ops/machines/whitby/default.nix
@@ -248,6 +248,12 @@ in
         group = "buildkite-agents";
       };
 
+      buildkite-private-key = {
+        file = secretFile "buildkite-ssh-private-key";
+        mode = "0440";
+        group = "buildkite-agents";
+      };
+
       gerrit-besadii-config = {
         file = secretFile "besadii";
         owner = "git";
diff --git a/ops/modules/tvl-buildkite.nix b/ops/modules/tvl-buildkite.nix
index c38687f80f71..4341ef01d744 100644
--- a/ops/modules/tvl-buildkite.nix
+++ b/ops/modules/tvl-buildkite.nix
@@ -41,6 +41,7 @@ in
           inherit name;
           enable = true;
           tokenPath = config.age.secretsDir + "/buildkite-agent-token";
+          privateSshKeyPath = config.age.secretsDir + "/buildkite-private-key";
           hooks.post-command = "${buildkiteHooks}/bin/post-command";
 
           runtimePackages = with pkgs; [
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-01T00ยท37+0000